@cap-js-community/websocket
v1.4.0
Published
WebSocket adapter for CDS
Downloads
538
Readme
@cap-js-community/websocket
WebSocket Adapter for CDS
Exposes a WebSocket protocol via WebSocket standard or Socket.IO for CDS services. Runs in context of the SAP Cloud Application Programming Model (CAP) using @sap/cds (CDS Node.js).
Table of Contents
- Getting Started
- Usage
- Documentation
- Architecture Overview
- Protocol Annotations
- WebSocket Server
- WebSocket Implementation
- Server Socket
- Service Facade
- Middlewares
- Tenant Isolation
- Authentication & Authorization
- Invocation Context
- Transactional Safety
- Client Determination
- WebSocket Format
- Connect & Disconnect
- Approuter
- Operations
- Examples
- Unit-Tests
- Adapters
- Deployment
- Support, Feedback, Contributing
- Code of Conduct
- Licensing
Getting Started
- Run
npm add @cap-js-community/websocket
in@sap/cds
project - Add a WebSocket enabled CDS service:
@ws service ChatService { event received { text: String; } }
- Emit event from business logic:
await srv.emit("received", { text: "Hello World!" });
- Start server via
cds-serve
- Access the service endpoint via WebSocket client
Usage
Server
- Run
npm add @cap-js-community/websocket
in@sap/cds
project - Create a service to be exposed as websocket protocol: srv/chat-service.cds
@protocol: 'websocket' service ChatService { function message(text: String) returns String; event received { text: String; } }
- Implement CDS websocket service: srv/chat-service.js
module.exports = (srv) => { srv.on("message", async (req) => { await srv.emit("received", req.data); return req.data.text; }); };
Client
In browser environment implement the websocket client: index.html
WebSocket Standard
- Connect with WebSocket
const protocol = window.location.protocol === "https:" ? "wss://" : "ws://"; const socket = new WebSocket(protocol + window.location.host + "/ws/chat");
- Emit event
socket.send( JSON.stringify({ event: "message", data: { text: input.value }, }), );
- Listen to event
socket.addEventListener("message", (message) => { const payload = JSON.parse(message.data); switch (payload.event) { case "received": console.log(payload.data.text); break; } });
Socket.IO (kind: socket.io
)
- Connect with Socket.IO client
const socket = io("/ws/chat");
- Emit event
socket.emit("message", { text: "Hello World" });
- Listen to event
socket.on("received", (message) => { console.log(message.text); });
Documentation
Architecture Overview
The CDS Websocket module supports the following use-cases:
- Connect multiple websocket clients (browser and non-browser) to CAP server websockets
- Process websockets messages as CDS entity CRUD, action and function calls
- Broadcast CDS events across local server websockets and multi-instance server websockets (via Redis)
- Broadcast CDS events across multiple CAP server applications and application instances (via Redis)
- Tenant-ware emit/broadcast CDS events from server websockets to websocket clients (browser and non-browser)
- Emit/Broadcast CDS events to a subset of websocket clients leveraging users, event contexts or client identifiers
- Websocket events support different formats (JSON, PCP, CloudEvents or custom format)
Protocol Annotations
The CDS WebSocket module supports the following protocols definitions options in CDS:
@ws
@websocket
@protocol: 'ws'
@protocol: 'websocket'
@protocol: [{ kind: 'ws', path: 'chat' }]
@protocol: [{ kind: 'websocket', path: 'chat' }]
If protocol path is not specified (e.g. via @path
), it is determined from service name.
If the specified path is relative (i.e. does not start with a slash /
), it is appended to the default protocol path e.g. /ws
.
If the path is absolute (i.e. starts with a slash /
), it is used as is.
Examples:
@path: 'chat
: Service is exposed at/ws/chat
@path: '/chat
: Service is exposed at/chat
WebSocket Server
The CDS websocket server is exposed on cds
object implementation-independent at cds.ws
and implementation-specific
at
cds.wss
for WebSocket Standard or cds.io
for Socket.IO. Additional listeners can be registered bypassing CDS
definitions and runtime.
WebSocket server options can be provided via cds.websocket.options
.
Default protocol path is /ws
and can be overwritten via cds.env.protocols.websocket.path
resp.
cds.env.protocols.ws.path
;
WebSocket Implementation
The CDS websocket server supports the following two websocket implementations:
- WebSocket Standard (via
Node.js ws package):
cds.websocket.kind: "ws"
(default) - Socket.IO:
cds.websocket.kind: "socket.io"
- Custom Server: A custom websocket server implementation can be provided via a path relative to the project root
with the configuration
cds.websocket.impl
(e.g.cds.websocket.impl: './server/xyz.js'
).
The server implementation abstracts from the concrete websocket implementation. The websocket client still needs to be implemented websocket implementation specific.
WebSocket Service
Annotated services with websocket protocol are exposed at endpoint: /ws/<service-path>
:
Websocket client connection happens as follows for exposed endpoints:
- WS:
const socket = new WebSocket("ws://localhost:4004/ws/chat");
- Socket.IO:
const socket = io("ws/chat")
WebSocket Event
Websocket services can contain events that are exposed as websocket events. Emitting an event on the service, broadcasts the event to all websocket clients.
@protocol: 'ws'
@path: 'chat'
service ChatService {
event received {
text: String;
}
}
In addition, also non-websocket services can contain events that are exposed as websocket events:
@protocol: 'odata'
@path: 'chat'
service ChatService {
entity Chat as projection on chat.Chat;
function message(text: String) returns String;
@websocket
event received {
text: String;
}
}
Although the service is exposed as an OData protocol at /odata/v4/chat
, the service events annotated with @websocket
or @ws
are exposed as websocket events under the websocket protocol path as follows: /ws/chat
. Entities and operations
are not exposed, as the service itself is not marked as websocket protocol.
The service path can be overruled on event level via @websocket.path
or @ws.path
annotation as follows:
@ws.path: 'fns-websocket'
@ws.format: 'pcp'
event notify {
text : String
};
The specified event path must match the service path of another websocket enabled CDS service, otherwise the event is
not processed. In addition the websocket format can be specified on event level via @websocket.format
or @ws.format
annotation for websocket events of non-websocket services.
Hint:
Non-websocket service events are only active when at least one websocket enabled service is available (i.e. websocket protocol adapter is active).
Server Socket
Each CDS handler request context is extended to hold the current server socket
instance of the event.
It can be accessed via the service websocket facade via req.context.ws.service
or cds.context.ws.service
.
In addition the native websocket server socket can be accessed via req.context.ws.socket
or cds.context.ws.socket
.
Events can be directly emitted via the native socket
, bypassing CDS runtime, if necessary.
Service Facade
The service facade provides native access to websocket implementation independent of CDS context
and is accessible on socket via socket.facade
or in CDS context via req.context.ws.service
.
It abstracts from the concrete websocket implementation by exposing the following public interface:
service: Object
: Service definitionpath: String
: Service pathsocket: Object
: Server socketcontext: Object
: CDS context object for the websocket server socketon(event: String, callback: Function)
: Register websocket eventasync emit(event: String, data: Object)
: Emit websocket event with dataasync broadcast(event: String, data: Object, user: {include: String[], exclude: String[]}?, context: : {include: String[], exclude: String[]}?, identifier: {include: String[], exclude: String[]}?, headers: Object?)
: Broadcast websocket event (except to sender) by optionally restrict to users, contexts or identifiers and optionally providing headersasync broadcastAll(event: String, data: Object, user: {include: String[], exclude: String[]}?, context: : {include: String[], exclude: String[]}?, identifier: {include: String[], exclude: String[]}?, headers: Object?)
: Broadcast websocket event (including to sender) by optionally restrict to users, contexts or identifiers and optionally providing headersasync enter(context: String)
: Enter a contextasync exit(context: String)
: Exit a contextasync disconnect()
: Disconnect server socketonDisconnect(callback: Function)
: Register callback function called on disconnect of server socket
Middlewares
For each server websocket connection the standard CDS middlewares are applied. That means, that especially the correct CDS context is set up and the configured authorization strategy is applied.
Tenant Isolation
WebSockets are processed tenant aware. Especially for broadcasting events tenant isolation is ensured, that only websocket clients connected for the same tenant are notified in tenant context. Tenant isolation is also ensured over remote distribution via Redis.
Authentication & Authorization
Authentication only works via AppRouter (e.g. using a UAA configuration), as the auth token is forwarded
via authorization header bearer token by AppRouter to backend instance. CDS middlewares process the auth token and
set the auth info accordingly. Authorization scopes are checked as defined in the CDS services @requires
annotations
and authorization restrictions are checked as defined in the CDS services @restrict
annotations.
Invocation Context
In context of a WebSocket enabled CDS services, WebSockets events can be directly emitted to the service in the event handler:
srv.on("action", async (req) => {
await srv.emit("message", req.data);
});
In case, the context of invocation is not a WebSocket service, e.g. call is coming from OData or Rest request, still the WebService events can be published by connecting to the WebSocket enabled service as follows:
const wsService = await cds.connect.to("WSService");
await wsService.emit("message", req.data);
cds.conntect.to
can be used to connect to any WebSocket enabled service, to emit events to the WebSocket service.
Transactional Safety
In most situations only websocket events shall be broadcast, in case the primary transaction succeeded.
It can be done manually, by emitting CDS event as part of the req.on("succeeded")
handler.
req.on("succeeded", async () => {
await srv.emit("received", req.data);
});
Alternatively you can leverage the CAP in-memory outbox via cds.outboxed
as follows:
const chatService = cds.outboxed(await cds.connect.to("ChatService"));
await chatService.emit("received", req.data);
This has the benefit, that the event emitting is coupled to the success of the primary transaction. Still the asynchronous event processing could fail, and would not be retried anymore. That's where the CDS persistent outbox comes into play.
CDS Persistent Outbox
Websocket events can also be sent via the CDS persistent outbox. That means, the CDS events triggering the websocket broadcast are added to the CDS persistent outbox when the primary transaction succeeded. The events are processed asynchronously and transactional safe in a separate transaction. It is ensured, that the event is processed in any case, as outbox keeps the outbox entry open, until the event processing succeeded.
The transactional safety can be achieved using cds.outboxed
with kind persistent-outbox
as follows:
const chatService = cds.outboxed(await cds.connect.to("ChatService"), {
kind: "persistent-outbox",
});
await chatService.emit("received", req.data);
In that case, the websocket event is broadcast to websocket clients exactly once, when the primary transaction succeeds. In case of execution errors, the event broadcast is retried automatically, while processing the persistent outbox.
Client Determination
The client determination during WebSocket event broadcasting/emitting, is based on the following filtering options of the event:
- Tenant: Only websocket clients connected to the same event tenant are notified.
- Service: Only websocket clients connected to the same event service are notified.
- User: Only websocket clients connected to the current or defined event users are notified.
- Context: Only websocket clients in the part of the defined event contexts are notified.
- Client Identifier: Only websocket clients with the defined event client identifier are notified.
Tenant and service are determined automatically based on the CDS context and are applied per default to ensure tenant and service isolation. User, context and client identifier are optional and are determined based on the event data or event emit headers. They can be combined arbitrarily to filter the websocket clients to be notified.
The client filtering options are depicted in the following diagram:
The diagram shows the mandatory filtering layer tenant
and service
and the optional filtering layers user
,
context
and client identifier
.
The +
and -
symbols on the optional filter layers indicating the possibility to include (+
) or exclude (-
)
filtering conditions as described in the upcoming sections.
Event Users
Current User
Events are broadcast to all websocket clients, including clients established in context of current context user.
To influence event broadcasting based on current context user, the annotation @websocket.user
or @ws.user
is
available on
event level and event element level (alternatives include @websocket.broadcast.user
or @ws.broadcast.user
):
Valid annotation values are:
- Event level:
'includeCurrent'
: Current context user is statically included during broadcasting to websocket clients. Only websocket clients established in context to that user are respected during event broadcast.'excludeCurrent'
: Current context user is statically excluded during broadcasting to websocket clients. All websocket clients established in context to that user are not respected during event broadcast.
- Event element level:
'includeCurrent'
: Current context user is dynamically included during broadcasting to websocket clients, based on the value of the annotated event element. If truthy, only websocket clients established in context to that user are respected during event broadcast.'excludeCurrent'
: Current context user is dynamically excluded during broadcasting to websocket clients, based on the value of the annotated event element. If truthy, all websocket clients established in context to that user are not respected during event broadcast.
Furthermore, also additional equivalent annotations alternatives are available:
Include current user:
@websocket.currentUser.include: Boolean
(shorthand:@websocket.currentUser: Boolean
)@ws.currentUser.include: Boolean
(shorthand:@ws.currentUser: Boolean
)@websocket.broadcast.currentUser.include: Boolean
(shorthand:@websocket.broadcast.currentUser: Boolean
)@ws.broadcast.currentUser.include: Boolean
(shorthand:@ws.broadcast.currentUser: Boolean
)
Exclude current user:
@websocket.currentUser.exclude: Boolean
@ws.currentUser.exclude: Boolean
@websocket.broadcast.currentUser.exclude: Boolean
@ws.broadcast.currentUser.exclude: Boolean
Examples:
Event Level:
@websocket.user: 'includeCurrent'
event received {
name: String;
text: String;
}
Event is published only to websocket clients established in context to the current context user.
Event Element Level:
event received {
name: String;
text: String;
@websocket.currentUser.exclude
flag: Boolean
}
Event is published only to websocket clients not established in context to the current context user, if the event data of
flag
is falsy.
Defined Users
Events are broadcast to all websocket clients. To influence event broadcasting based on defined users, the following annotations to include or exclude defined users are available:
Include user(s):
@websocket.user.include
(shorthand:@websocket.user
)@ws.user.include
(shorthand:@ws.user
)@websocket.broadcast.user.include
(shorthand:@websocket.broadcast.user
)@ws.broadcast.user.include
(shorthand:@ws.broadcast.user
)
Exclude user(s):
@websocket.user.exclude
@ws.user.exclude
@websocket.broadcast.user.exclude
@ws.broadcast.user.exclude
Valid annotation values are:
- Event level:
- Type:
String[] | String
- Provide static unique users to include to or exclude from event broadcasting
- Value can be a single user or an array of users
- Type:
- Event element level:
- Type:
Boolean
- Value from event data for the annotated element is used as users to include to or exclude from event broadcasting
- Value can be a single user or an array of users
- Type:
Examples:
Event Level:
@websocket.user.exclude: 'ABC'
event received {
name: String;
text: String;
}
Event is published to all users except the user ABC
.
Event Element Level:
event received {
name: String;
text: String;
@websocket.user.include
users: many String;
}
Event is only published to all users listed in the event data of users
.
Event Contexts
It is possible to broadcast events to a subset of clients. By entering or exiting contexts, the server can be instructed
to determine to which subset of clients the event shall be emitted, based on the event. To specify which data parts of the
event are leveraged for setting up the context, the annotation @websocket.context
or @ws.context
is available on
event element level (alternatives include @websocket.broadcast.context
or @ws.broadcast.context
). For static
contexts
the annotation can also be used on event level, providing a static event context string.
To influence event broadcasting based on event contexts, the following annotations to include or exclude contexts are available:
Include context(s):
@websocket.context.include
(shorthand:@websocket.context
)@ws.context.include
(shorthand:@ws.context
)@websocket.broadcast.context.include
(shorthand:@websocket.broadcast.context
)@ws.broadcast.context.include
(shorthand:@ws.broadcast.context
)
Exclude context(s):
@websocket.context.exclude: String[] | String
@ws.context.exclude: String[] | String
@websocket.broadcast.context.exclude: String[] | String
@ws.broadcast.context.exclude: String[] | String
Valid annotation values are:
- Event level:
- Type:
String[] | String
- Provide static contexts to include to or exclude from event broadcasting
- Value can be a single context or an array of contexts
- Type:
- Event element level:
- Type:
Boolean
- Value from event data for the annotated element is used as context to include to or exclude from event broadcasting
- Value can be a single context or an array of contexts
- Type:
Examples:
Event Level:
@websocket.context: 'ABC'
event received {
ID: UUID;
text: String;
}
Event is only published to all clients in context ABC
.
Event Element Level:
event received {
@websocket.context
ID: UUID;
text: String;
}
Event is only published to all clients in context of the event data of ID
.
The annotation can be used on multiple event elements setting up different event contexts in parallel, if event shall be broadcast/emitted into multiple contexts at the same time.
event received {
@websocket.context
ID: UUID;
@websocket.context
name: String;
text: String;
}
Event contexts can also be established via event elements of many
or array of
type:
event received {
@websocket.context
ID: many UUID;
text: String;
}
This allows setting up an unspecified number of different event contexts in parallel during runtime.
Event contexts support all CDS/JS types. The serialization is performed as follows:
Date
:context.toISOString()
Object
:JSON.stringify(context)
- other:
String(context)
To manage event contexts the following options exist:
- Server side: Call websocket service facade
- CDS context object
req
exposes the websocket facade viareq.context.ws.service
providing the following context functions- Enter Context:
enter(context: String)
- Enter the current server socket into the passed context - Exit Context:
exit(context: String)
- Exit the current server socket from the passed context
- Enter Context:
- CDS context object
- Client side: Emit
wsContext
event from client socket- Enter Context:
- WS Standard:
socket.send(JSON.stringify({ event: "wsContext", data: { context: "..." } }));
- Socket.IO:
socket.emit("wsContext", { context: "..." });
- WS Standard:
- Exit:
- WS Standard:
socket.send(JSON.stringify({ event: "wsContext", data: { context: "...", exit: true } }));
- Socket.IO:
socket.emit("wsContext", { context: "...", exit: true });
- WS Standard:
- Enter Context:
Multiple contexts can be entered for the same server socket at the same time. Furthermore, a service operation named
wsContext
is invoked, if existing on the websocket enabled CDS service. Event context isolation is also ensured
over remote distribution via Redis.
For Socket.IO (kind: socket.io
) contexts are implemented leveraging Socket.IO rooms.
Event Client Identifiers
Events are broadcast to all websocket clients, including clients that performed certain action. When events are send as part of websocket context, access to current socket is given, but if actions are performed outside websocket context, there are no means to identify the client that performed the action.
That's where the event client identifier come into play. Client identifier are unique consumer-provided strings, that are provided during the websocket connection to identify the websocket client as well as in other request cases (e.g. OData call). When an OData call with a client identifier is performed, it can be used to restrict the websocket event broadcasting.
In some cases, the websocket clients shall be restricted on an instance basis. There are use-cases, that only certain
clients are informed about an event and also in other cases the client shall not be informed about the event, that was
triggered by the same client (maybe via a different channel, e.g. OData).
Therefore, websocket clients can be identified optionally by a unique identifier provided as URL parameter option
?id=<globally unique value>
.
The annotation @websocket.identifier.include
or @ws.identifier.include
is available on event level and event element
level to influence event broadcasting based websocket client identifier to include certain clients based on their
identifier (not listed clients are no longer respected when set)
(alternatives include @websocket.broadcast.identifier.include
or @ws.broadcast.identifier.include
):
The annotation @websocket.identifier.exclude
or @ws.identifier.exclude
is available on event level and event element
level to influence event broadcasting based websocket client identifier to exclude certain clients based on their
identifier (alternatives include @websocket.broadcast.identifier.exclude
or @ws.broadcast.identifier.exclude
):
The full list of annotations is:
Include client identifier(s):
@websocket.identifier.include
(shorthand:@websocket.identifier
)@ws.identifier.include
(shorthand:@ws.identifier
)@websocket.broadcast.identifier.include
(shorthand:@websocket.broadcast.identifier
)@ws.broadcast.identifier.include
(shorthand:@ws.broadcast.identifier
)
Exclude client identifiers(s):
@websocket.identifier.exclude: String[] | String
@ws.identifier.exclude: String[] | String
@websocket.broadcast.identifier.exclude: String[] | String
@ws.broadcast.identifier.exclude: String[] | String
Valid annotation values are:
- Event level:
- Type:
String[] | String
- Provide static unique identifiers to include or exclude clients from event broadcasting
- Value can be a single identifier string or an array of identifier strings
- Type:
- Event element level:
- Type:
Boolean
- Value from event data for the annotated element is used as unique identifiers to include or exclude websocket clients from event broadcasting
- Value can be a single identifier string or an array of identifier strings
- Type:
Examples:
Event Level:
@websocket.identifier.include: 'ABC'
event received {
ID: UUID;
text: String;
}
Event is only published to all clients with identifier ABC
.
Event Element Level:
event received {
ID: UUID;
@websocket.identifier.include
ids: many String;
}
Event is only published to all clients with identifiers listed in the event data of ids
.
Client Setup
The unique identifier can be provided for a websocket client as follows:
- WS Standard:
socket = new WebSocket("ws://localhost:4004/ws/chat?id=1234");
- Socket.IO:
const socket = io("/ws/chat?id=1234");
Event Emit Headers
The websocket implementation allows to provide event emit headers to dynamically control websocket processing. The following headers are available:
- Include current user to event publication (see section Event Users -> Current User):
wsCurrentUser: Boolean
(shorthand)wsCurrentUser.include: Boolean
wsCurrentUserInclude: Boolean
currentUser: Boolean
(shorthand)currentUser.include: Boolean
currentUserInclude: Boolean
- Exclude current user from event publication (see section Event Users -> Current User)
wsCurrentUser.exclude: Boolean
wsCurrentUserExclude: Boolean
currentUser.exclude: Boolean
currentUserExclude: Boolean
- Include one or many users to event publication (see section Event Users -> Defined Users):
wsUsers: String[] | String
(shorthand)wsUser: String[] | String
(shorthand)wsUser.include: String[] | String
wsUserInclude: String[] | String
users: String[] | String
(shorthand)user: String[] | String
(shorthand)user.include: String[] | String
userInclude: String[] | String
- Exclude one or many users from event publication (see section Event Users -> Defined Users)
wsUser.exclude: String[] | String
wsUserExclude: String[] | String
user.exclude: String[] | String
userExclude: String[] | String
- Include one or many contexts to event publication (see section Event Contexts)
wsContext: String[] | String
(shorthand)wsContexts: String[] | String
(shorthand)wsContext.include: String[] | String
wsContextInclude: String[] | String
context: String[] | String
(shorthand)contexts: String[] | String
(shorthand)context.include: String[] | String
contextInclude: String[] | String
- Exclude one or many contexts from event publication (see section Event Contexts)
wsContext.exclude: String[] | String
wsContextExclude: String[] | String
context.exclude: String[] | String
contextExclude: String[] | String
- Include one or many clients identifiers to event publication (see section Event Client Identifier)
wsIdentifier: String[] | String
(shorthand)wsIdentifiers: String[] | String
(shorthand)wsIdentifier.include: String[] | String
wsIdentifierInclude: String[] | String
identifier: String[] | String
(shorthand)identifiers: String[] | String
(shorthand)identifier.include: String[] | String
identifierInclude: String[] | String
- Exclude one or many client identifiers from event publication (see section Event Client Identifier)
wsIdentifier.exclude: String[] | String
wsIdentifierExclude: String[] | String
identifier.exclude: String[] | String
identifierExclude: String[] | String
Emitting events with headers can be performed as follows:
await srv.emit("customEvent", { ... }, {
contexts: ["..."],
currentUser: {
exclude: req.data.type === "1"
},
user: {
include: "...",
exclude: ["..."],
},
identifier: {
include: ["..."],
exclude: "...",
},
});
Event HTTP Headers
In addition to the above event emit headers, HTTP conform headers can be specified starting with x-websocket-
or x-ws-
prefix. The lower case header names are converted to camel-cased header names removing prefix, e.g. x-ws-current-user
becomes currentUser
.
Header string values are parsed according to their value to types Boolean
, Number
or String
.
Format specific HTTP conform headers can be defined in formatter named subsection, x-websocket-<format>-
or x-ws-<format>-
.
Examples (for format cloudevent
):
x-ws-cloudevent-subject: 'xyz'
becomes nested JSON header object{ "cloudevent": { subject: "xyz" } }
incloudvent
formatter.x-ws-cloudevent-value: '1'
becomes nested JSON header object{ "cloudevent": { value: 1 } }
incloudvent
formatter.
Value Aggregation
The respective event annotations (described in sections above) are respected in addition to event emit header specification. All event annotation values (static or dynamic) and header values are aggregated during event emit according to their kind. Values of all headers and annotations of same semantic type are unified for single and array values.
Format Headers
In addition to the above event emit headers, format specific event headers can be specified in the websocket
or ws
section
during event emit.
await srv.emit("customEvent", { ... }, {
ws: {
a: 1,
cloudevent: {
e: true
}
},
websocket: {
b: "c"
}
});
These headers are made available to the format compose(event, data, headers)
function, to be included in the
composed WebSocket message, if applicable (e.g. format: pcp
, cloudevent
). Format specific headers can also be defined
in formatter named subsection, e.g. ws.cloudevent.e: true
(for format cloudevent
), to avoid conflicts.
Ignore Definitions
To ignore elements and parameters during event processing, the annotation @websocket.ignore
or @ws.ignore
is available
on event element and operation parameter level. The annotation can be used to exclude elements and parameters from WebSocket event.
WebSocket Format
Per default the CDS websocket format is json
, as CDS internally works with JSON objects.
WS Standard and Socket.IO support JSON format as follows:
- WS Standard: Message is serialized to a JSON object with format
{ event, data }
- Socket.IO: Events and JSON objects are intrinsically supported. No additional serialization is necessary.
SAP Push Channel Protocol (PCP)
CDS WebSocket module supports the SAP Push Channel Protocol (PCP) out-of-the-box.
A PCP message has the following structure:
pcp-action:MESSAGE
pcp-body-type:text
field1:value1
field2:value2
this is the body!
To configure the PCP format, the service needs to be annotated in addition with @websocket.format: 'pcp'
or
@ws.format: 'pcp'
:
@ws
@ws.format: 'pcp'
service PCPService {
// ...
}
With this configuration WebSocket events consume or produce PCP formatted messages. To configure the PCP message format the following annotations are available:
- Operation level:
@websocket.pcp.action, @ws.pcp.action: String
: Correlatepcp-action
in PCP message to identify the CDS operation via annotation. If not defined, the operation name is correlated.
- Operation parameter level:
@websocket.pcp.message, @ws.pcp.message: Boolean
: Correlate the PCP message body to the operation parameter representing the message.
- Event level:
@websocket.pcp.event, @ws.pcp.event: Boolean
: Expose the CDS event aspcp-event
field in the PCP message.@websocket.pcp.message, @ws.pcp.message: String
: Expose a static message text as PCP message body.@websocket.pcp.action, @ws.pcp.action: String
: Exposes a static action aspcp-action
field in the PCP message. DefaultMESSAGE
.
- Event element level:
@websocket.pcp.message, @ws.pcp.message: Boolean
: Expose the string value of the annotated event element as PCP message body.@websocket.pcp.action, @ws.pcp.action: Boolean
: Expose the string value of the annotated event element aspcp-action
field in the PCP message. DefaultMESSAGE
.
Cloud Events
CDS WebSocket module supports the Cloud Events specification out-of-the-box according to WebSockets Protocol Binding for CloudEvents.
A Cloud Event message has the following structure:
{
"specversion": "1.0",
"type": "com.example.someevent",
"source": "/mycontext",
"subject": null,
"id": "C234-1234-1234",
"time": "2018-04-05T17:31:00Z",
"comexampleextension1": "value",
"comexampleothervalue": 5,
"datacontenttype": "application/json",
"data": {
"appinfoA": "abc",
"appinfoB": 123,
"appinfoC": true
}
}
To configure the CloudEvents format, the service needs to be annotated in addition with @websocket.format: 'cloudevent'
or
@ws.format: 'cloudevent'
.
@ws
@ws.format: 'cloudevent'
service CloudEventService {
// ...
}
To create a Cloud Event compatible CDS event, either the event is modeled as CDS service event according to the specification or a CDS event is mapped via annotations to a Cloud Event compatible event.
Modeling Cloud Event
Cloud event can be explicitly modelled as CDS event, matching the specification of cloud event attributes.
Example:
event cloudEvent {
specversion : String;
type : String;
source : String;
subject : String;
id : String;
time : String;
comexampleextension1 : String;
comexampleothervalue : String;
datacontenttype : String;
data: {
appinfoA : String;
appinfoB : Integer;
appinfoC : Boolean;
}
}
The CDS event cloudEvent
is explicitly modeled according to the Cloud Event specification.
The event data is passed inbound and outbound in the exact same representation as JSON object, as specified.
No additional annotations are necessary to be defined.
Mapping Cloud Event
CDS events can also be mapped to Cloud Event compatible events via headers and CDS annotations. The implementation is based on the
generic
formatter (see section below), that allows to map CDS events to Cloud Event compatible events based on
cloud event specific headers and wildcard annotations, starting with @websocket.cloudevent.<annotation>
or @ws.cloudevent.<annotation>
to match the Cloud Event specific attributes.
The provided header values in the websocket
or ws
section are mapped to the cloud event attributes generically, if available.
Example:
await srv.emit(
"cloudEvent",
{
appinfoA,
appinfoB,
appinfoC,
},
{
ws: {
specversion: "1.0",
type: "com.example.someevent.cloudEvent4",
source: "/mycontext",
subject: req.data._subject || "example",
id: "C234-1234-1234",
time: "2018-04-05T17:31:00Z",
comexampleextension1: "value",
comexampleothervalue: 5,
datacontenttype: "application/json",
},
},
);
Subsequently, the following annotations are respected:
- Event level:
@websocket.cloudevent.<attribute>: <value>
- Type:
any
(according to Cloud Event JSON format) - Provide static cloud event attribute value, according to cloud event specification
- Event element level:
@websocket.cloudevent.<attribute>
- Type:
Boolean
- Value from event data for the annotated element is used as dynamic cloud event attribute value, according to cloud event attribute specification
Examples:
Event Level:
@ws.cloudevent.specversion : '1.0'
@ws.cloudevent.type : 'com.example.someevent'
@ws.cloudevent.source : '/mycontext'
@ws.cloudevent.subject : 'example'
@ws.cloudevent.id : 'C234-1234-1234'
@ws.cloudevent.time : '2018-04-05T17:31:00Z'
@ws.cloudevent.comexampleextension1: 'value'
@ws.cloudevent.comexampleothervalue: 5
@ws.cloudevent.datacontenttype : 'application/json'
event cloudEvent2 {
appinfoA : String;
appinfoB : Integer;
appinfoC : Boolean;
}
Event is published via cloud event sub-protocol, with the specified static cloud event attributes. The CDS event data is consumed as cloud event data section.
Event Element Level:
event cloudEvent3 {
@ws.cloudevent.specversion
specversion : String
@ws.cloudevent.type
type : String
@ws.cloudevent.source
source : String
@ws.cloudevent.subject
subject : String
@ws.cloudevent.id
id : String
@ws.cloudevent.time
time : String
@ws.cloudevent.comexampleextension1
extension1 : String
@ws.cloudevent.comexampleothervalue
othervalue : String
@ws.cloudevent.datacontenttype
datacontenttype : String;
appinfoA : String;
appinfoB : Integer;
appinfoC : Boolean;
}
Event is published via cloud event sub-protocol, with the specified dynamic cloud event attributes derived from CDS event elements. Annotated elements are consumed as cloud event attributes, non-annotated elements are consumed as cloud event data section.
Static and dynamic annotations can be combined. Static values have precedence over dynamic values, if defined.
Cloud Event Operation
CDS service operations (actions or functions) can also be exposed via cloud event. The operation name is derived from the @websocket.cloudevent.name
or
@ws.cloudevent.name
annotation. Emitting a cloud event based websocket event that matches the annotation value of name
, calls the
respective service operation handler.
The operation parameter structure can be either modelled according to the Cloud Event specification using the attributes as parameter names or
mapped via annotations like @websocket.cloudevent.<annotation>
or @ws.cloudevent.<annotation>
to a Cloud Event compatible structure.
The following annotations are respected:
- Operation level:
@websocket.cloudevent.<attribute>: <value>
- Type:
any
(according to Cloud Event JSON format) - Provide static cloud event attribute value, according to cloud event specification
- Operation parameter level:
@websocket.cloudevent.<attribute>
- Type:
Boolean
- Value from operation parameter for the annotated element is used as dynamic cloud event attribute value, according to cloud event attribute specification
Examples:
Model Operation Parameters:
type CloudEventDataType : {
appinfoA : String;
appinfoB : Integer;
appinfoC : Boolean;
};
@ws.cloudevent.name: 'com.example.someevent'
action sendCloudEventModel( subject : String, comexampleextension1 : String, comexampleothervalue : Integer, data: CloudEventDataType) returns Boolean;
Map Operation Parameters:
@ws.cloudevent.name: 'com.example.someevent'
@ws.cloudevent.subject: 'cloud'
action sendCloudEventMap(
@ws.cloudevent.subject subject : String,
@ws.cloudevent.comexampleextension1 extension1 : String,
@ws.cloudevent.comexampleothervalue othervalue : Integer,
appinfoA : String,
appinfoB : Integer,
appinfoC : Boolean
@ws.ignore appinfoD : String
) returns Boolean;
Unmapped operation parameters are consumed as cloud event data section and can be skipped for cloud event data section
via @ws.ignore
, if not necessary.
Cloud Event Format Alternative
Alternatives for format cloudevent
also allows to use the plural name @websocket.format: 'cloudevents'
or @ws.format: 'cloudevents'
,
if preferred. All headers and annotations are also named in plural form accordingly, e.g. @ws.cloudevents.name
, etc.
Custom Format
A custom websocket format implementation can be provided via a path relative to the project root
in @websocket.format
resp. @ws.format
annotation (e.g. @ws.format: './format/xyz.js'
).
The custom format class needs to implement the following functions:
- parse(data): Parse the event data into internal data (JSON), i.e.
{ event, data }
- compose(event, data, headers): Compose the internal event data (JSON) and event headers into a formatted string.
For kind
socket.io
, it can also be a JSON object.
In addition, it can implement the following functions (optional):
- constructor(service, origin): Setup instance with service definition and origin format on creation
Generic Format
Additionally, a custom formatter can be based on the generic implementation src/format/generic.js
providing a name and identifier.
Values are derived via CDS annotations based on wildcard annotations
@websocket.<format>.<annotation>
or @ws.<format>.<annotation>
using the formatter name.
In addition, provided header values in the websocket
or ws
section are also used to derived values from.
Format specific headers can also be defined in formatter named subsection, e.g. ws.cloudevent.e: true
(for format cloudevent
),
to avoid conflicts.
The following generic implementation specifics are included:
- parse: Data is parsed generically
- Parsing is based on formatter specific wildcard annotations on operation level (static) or operation parameter level (dynamic), if available.
- CDS operation (action or function) is derived from generic annotation
@websocket.<format>.name
or@ws.<format>.name
. - Operation identification is based on the formatter identifier (default
name
) on event data, that can be specified per formatter. - Data is passed further as-is, in case no CDS annotations are present for format
- compose: Data is composed generically
- First data is composed based on headers, if available (see section Format Headers)
- Subsequently, formatter specific wildcard annotations on event level (static) or event element level (dynamic) are processed
The generic formatter can also directly be used via annotations @websocket.format: 'generic'
or @ws.format: 'generic'
.
Values are derived from data via CDS annotations based on wildcard annotations @websocket.generic.<annotation>
or @ws.generic.<annotation>
and headers from subsections websocket.generic.<header>
or ws.generic.<header>
.
Connect & Disconnect
Every time a server socket is connected via websocket client, the CDS service is notified by calling the corresponding service operation:
Connect
: Invoke service operationwsConnect
, if availableDisconnect
: Invoke service operationwsDisconnect
, if available
Approuter
Authorization in provided in production by Approuter component (e.g. via XSUAA auth). Valid UAA bindings for Approuter and backend are necessary, so that the authorization flow is working. Locally, the following default environment files need to exist:
test/_env/default-env.json
{ "VCAP_SERVICES": { "xsuaa": [{}] } }
test/_env/approuter/default-services.json
{ "uaa": {} }
Approuter is configured to support websockets in xs-app.json
according
to @sap/approuter - websockets property:
{
"websockets": {
"enabled": true
}
}
For local testing without approuter a mocked basic authorization is hardcoded in flp.html/index.html
.
Operations
Operations comprise actions and function in the CDS service that are exposed by CDS service either unbound (static level) or bound (entity instance level). Operations are exposed as part of the websocket protocol as described below.
Operation Results
Operation results will be provided via optional websocket acknowledgement callback.
Operation results are only supported with Socket.IO (
kind: socket.io
) using acknowledgement callbacks.
Unbound Operations
Each unbound function and action is exposed as websocket event. The signature (parameters and return type) is passed through without additional modification. Operation result will be provided as part of acknowledgment callback.
Special operations
The websocket adapter tries to call the following special operations on the CDS service, if available:
wsConnect
: Callback to notify that a socket was connectedwsDisconnect
: Callback to notify that a socket was disconnectedwsContext
: Callback to notify that a socket changed the event context (details see section Event Contexts)
Bound Operations
Each service entity is exposed as CRUD interface via as special events as
proposed here.
The event is prefixed with the entity name and has the CRUD operation as suffix, e.g. Books:create
.
In addition, also bound functions and actions are included into these schema, e.g. Books:sell
.
The signature (parameters and return type) is passed through without additional modification.
It is expected, that the event payload contains the primary key information.
CRUD/action/function result will be provided as part of acknowledgment callback.
CRUD Operations
Create, Read, Update and Delete (CRUD) actions are mapped to websocket events as follows:
<entity>:create
: Create an entity instance<entity>:read
: Read an entity instance by key<entity>:readDeep
: Read an entity instance deep (incl. deep compositions) by key<entity>:update
: Update an entity instance by key<entity>:delete
: Delete an entity instance by key<entity>:list
: List all entity instances<entity>:<operation>
: Call a bound entity operation (action/function)
Events can be emitted and the response can be retrieved via acknowledgment callback (kind: socket.io
only).
CRUD Broadcast Events
CRUD events that modify entities automatically emit another event after successful processing:
<entity>:create => <entity>:created
: Entity instance has been updated<entity>:update => <entity>:updated
: Entity instance has been created<entity>:delete => <entity>:deleted
: Entity instance has been deleted
Because of security concerns, it can be controlled which data of those events is broadcast,
via annotations @websocket.broadcast
or @ws.broadcast
on entity level.
- Propagate only key via one of the following options (default, if no annotation is present):
@websocket.broadcast = 'key'
@websocket.broadcast.content = 'key'
@ws.broadcast = 'key'
@ws.broadcast.content = 'key'
- Propagate complete entity data via one of the following options:
@websocket.broadcast = 'data'
@websocket.broadcast.content = 'data'
@ws.broadcast = 'data'
@ws.broadcast.content = 'data'
- Propagate no data (hence suppress CRUD broadcast event) via one of the following options:
@websocket.broadcast = 'none'
@websocket.broadcast.content = 'none'
@ws.broadcast = 'none'
@ws.broadcast.content = 'none'
If the CRUD broadcast event is modeled as part of CDS service the annotations above are ignored for that event,
and the broadcast data is filtered along the event elements. As character :
is not allowed in CDS service event names,
character :
is replaced by a scoped event name using character .
.
Example:
WebSocket Event: Object:created
is mapped to CDS Service Event: Object.created
Per default, events are broadcast to every connected socket, except the socket, that was called with the CRUD event.
To also include the triggering socket within the broadcast, this can be controlled via annotations
@websocket.broadcast.all
or @ws.broadcast.all
on entity level.
Examples
Todo (UI5)
The example UI5 todo
application using Socket.IO can be found at test/_env/app/todo
.
Example application can be started by:
- Basic Auth
- Starting backend:
npm start
- Open in browser: http://localhost:4004/flp.html#Todo-manage
- Starting backend:
- XSUAA Auth:
- Starting approuter:
npm run start:approuter
- Starting backend:
npm run start:uaa
- Open in browser: http://localhost:5001/flp.html#Todo-manage
- Starting approuter:
Chat (HTML)
An example chat
application using Socket.IO can be found at test/_env/app/chat
.
Example application can be started by:
- Basic Auth:
- WebSocket Standard:
npm start
- Browser: http://localhost:4004/chat_ws/index.html
- Socket.IO:
npm run start:socketio
- Browser: http://localhost:4004/chat_socketio/index.html
- WebSocket Standard:
- XSUAA Auth:
- Approuter:
npm run start:approuter
- WebSocket Standard:
npm run start:uaa
- Browser: http://localhost:5001/chat_ws/index.html
- Socket.IO:
npm run start:socketio:uaa
- Browser: http://localhost:5001/chat_socketio/index.html
- Approuter:
Unit-Tests
Unit-test can be found in folder test
and can be executed via npm test
;
The basic unit-test setup for WebSockets in CDS context looks as follows:
WS
"use strict";
const cds = require("@sap/cds");
const WebSocket = require("ws");
cds.test(__dirname + "/..");
const authorization = `Basic ${Buffer.from("alice:alice").toString("base64")}`;
describe("WebSocket", () => {
let socket;
beforeAll((done) => {
const port = cds.app.server.address().port;
socket = new WebSocket(`ws://localhost:${port}/ws/chat`, {
headers: {
authorization,
},
});
});
afterAll(() => {
socket.close();
cds.ws.close();
});
test("Test", (done) => {
socket.send(
JSON.stringify({
event: "event",
data: {},
}),
);
done();
});
});
Socket.io
"use strict";
const cds = require("@sap/cds");
const ioc = require("socket.io-client");
cds.test(__dirname + "/..");
cds.env.websocket.kind = "socket.io";
const authorization = `Basic ${Buffer.from("alice:alice").toString("base64")}`;
describe("WebSocket", () => {
let socket;
beforeAll((done) => {
const port = cds.app.server.address().port;
socket = ioc(`http://localhost:${port}/ws/chat`, {
extraHeaders: {
authorization,
},
});
socket.on("connect", done);
});
afterAll(() => {
socket.disconnect();
cds.ws.close();
});
test("Test", (done) => {
socket.emit("event", {}, (result) => {
expect(result).toBeDefined();
done();
});
});
});
Adapters
An Adapter is a server-side component which is responsible for broadcasting events to all or a subset of clients.
WS Standard Adapters
The following adapters for WS Standard are supported out-of-the-box.
Redis
Every event that is sent to multiple clients is sent to all matching clients connected to the current server and published in a Redis channel, and received by the other websocket servers of the cluster. The app needs to be bound to a Redis service instance to set up and connect Redis client.
To use the Redis Adapter (basic publish/subscribe), the following steps have to be performed:
- Set
cds.websocket.adapter.impl: "redis"
- Application needs to be bound to a Redis instance
- Cloud Foundry: Redis is automatically active
- Use option
cds.websocket.adapter.active: false
to disable Redis adapter
- Use option
- Other Environment (e.g. Kyma): Redis is NOT automatically active
- Use option
cds.websocket.adapter.active: true
to enable Redis adapter
- Use option
- Local: Redis is NOT automatically active
- Use option
cds.websocket.adapter.local: true
to enable Redis adapter - File
default-env.json
need to exist with Redis configuration
- Use option
- Cloud Foundry: Redis is automatically active
- Redis Adapter options can be specified via
cds.websocket.adapter.options
- Redis channel key can be specified via
cds.websocket.adapter.options.key
. Default value iswebsocket
- Redis client connection configuration can be passed via
cds.websocket.adapter.config
Custom Adapter
A custom websocket adapter implementation can be provided via a path relative to the project root
with the configuration cds.websocket.adapter.impl
(e.g. cds.websocket.adapter.impl: './adapter/xyz.js'
).
The custom adapter class needs to implement the following functions:
- on(service, path): Register an adapter subscription
- emit(service, path, message): Emit an adapter event message
In addition, it can implement the following functions (optional):
- constructor(server, config): Setup instance on creation
- setup(): Perform some async setup activities (optional)
Socket.IO Adapters
The following adapters for Socket.IO are supported out-of-the-box.
Redis Adapter
To use the Redis Adapter, the following steps have to be performed:
- Install Redis Adapter dependency:
npm install @socket.io/index-adapter
- Set
cds.websocket.adapter.impl: "@socket.io/index-adapter"
- Application needs to be bound to a Redis instance
- Locally a
default-env.json
file need to exist with index configuration
- Locally a
- Redis Adapter options can be specified via
cds.websocket.adapter.options
- Redis channel key can be specified via
cds.websocket.adapter.options.key
. Default value issocket.io
.
Details: https://socket.io/docs/v4/index-adapter/
Redis Streams Adapter
To use the Redis Stream Adapter, the following steps have to be performed:
- Install Redis Streams Adapter dependency:
npm install @socket.io/index-streams-adapter
- Set
cds.websocket.adapter.impl: "@socket.io/index-streams-adapter"
- Application needs to be bound to a Redis instance
- Locally a
default-env.json
file need to exist with index configuration
- Locally a
- Redis Streams Adapter options can be specified via
cds.websocket.adapter.options
- Redis channel key can be specified via
cds.websocket.adapter.options.streamName
. Default value issocket.io
.
Details: https://socket.io/docs/v4/index-streams-adapter/
Custom Adapter
A custom websocket adapter implementation can be provided via a path relative to the project root
with the configuration cds.websocket.adapter.impl
(e.g. cds.websocket.adapter.impl: './adapter/xyz.js'
).
The custom adapter need to fulfill the Socket.IO adapter interface (https://socket.io/docs/v4/adapter/).
Deployment
This module also works on a deployed infrastructure like Cloud Foundry (CF) or Kubernetes (K8s).
An example Cloud Foundry deployment can be found in test/_env
:
cd test/_env
- Use manifest.yml
npm run cf:push
- Prepares modules
approuter
andbackend
intest/_env
and pushes to Cloud Foundry- Approuter performs authentication flow with XSUAA and forwards to backend
- Backend serves endpoints (websocket, odata) and UI apps (runs on an in-memory SQLite3 database)
- Prepares modules
In deployed infrastructure, websocket protocol is exposed via Web Socket Secure (WSS) at wss://
over an encrypted TLS
connection.
For WebSocket standard the following setup in browser environment is recommended to cover deployed and local use-case:
const protocol = window.location.protocol === "https:" ? "wss://" : "ws://";
const socket = new WebSocket(protocol + window.location.host + "/ws/chat");
Support, Feedback, Contributing
This project is open to feature requests/suggestions, bug reports etc. via GitHub issues. Contribution and feedback are encouraged and always welcome. For more information about how to contribute, the project structure, as well as additional contribution information, see our Contribution Guidelines.
Code of Conduct
We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone. By participating in this project, you agree to abide by its Code of Conduct at all times.
Licensing
Copyright 2024 SAP SE or an SAP affiliate company and websocket contributors. Please see our LICENSE for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available via the REUSE tool.